Re: [ietf-smtp] broken signatures, was Curious

John Levine <johnl@taugh.com> Wed, 22 July 2020 17:29 UTC

Date: 22 Jul 2020 13:29:39 -0400
Message-Id: <20200722172939.891DE1D620A4@ary.qy>
From: "John Levine" <johnl@taugh.com>
To: ietf-smtp@ietf.org
Cc: mcr+ietf@sandelman.ca
In-Reply-To: <6464.1595370330@localhost>
Organization: Taughannock Networks
X-Headerized: yes
Mime-Version: 1.0
Content-type: text/plain; charset=utf-8
Content-transfer-encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-smtp/VFYvWWuyueCwzGWijW9UCXmuIvQ>
Subject: Re: [ietf-smtp] broken signatures, was Curious

In article <6464.1595370330@localhost> you write:
>If the message goes through "mailman" or some other processor, then it seems
>like it ought to rip pretty much every X-FOO out.  The rest of them ought to
>be known headers at the time the processor was written, and it ought to
>either know what they are, or it does not, in which case, it shouldn't pass
>on things it does not know about.

That's not good advice. The point of the mystery headers is to tell
what happened to the message during its trip, and the part of the trip
before it hit the list manager is as important as the part after. When
I'm trying to figure out why something undesirable leaked through the
list manager, I need the original headers to figure out what happened.

I also don't understand what problem this is supposed to address. No
MUA of which I'm aware displays junk headers, so it can't be user
confusion.  If the concern is bandwidth, why aren't we resuscitating
the cascaded sub-list managers from prior decades, or inventing something
like STARTDEFLATE for SMTP?  Headers are in the noise when people are
shipping around giant blobs of HTML and attached pictures.

R's,
John